Displaying 20 results from an estimated 20000 matches similar to: "[Fwd: Re: DNAT rule for vsftp (PASSIVE FTP)]"
2007 Oct 05
0
[Fwd: Re: DNAT rule for vsftp (PASSIVE FTP)]
-------- Original Message --------
Subject: Re: [LARTC] DNAT rule for vsftp (PASSIVE FTP)
Date: Fri, 05 Oct 2007 12:17:42 +0530
From: Mohan Sundaram <smohan@vsnl.com>
Reply-To: smohan@vsnl.com
To: Indunil Jayasooriya <indunil75@gmail.com>
References: <7ed6b0aa0710042251u6442fb85ma74e46aa9d3f81f9@mail.gmail.com>
Indunil Jayasooriya wrote:
> Hi all,
>
> I want to run
2007 Oct 05
3
DNAT rule for vsftp (PASSIVE FTP)
Hi all,
I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as
passive ftp.
the theroy behind passive ftp is ,
- FTP server''s port 21 from anywhere (Client initiates connection)
- FTP server''s port 21 to ports > 1024 (Server responds to client''s
control port)
- FTP server''s ports > 1024 from anywhere (Client initiates data
2007 Oct 05
3
DNAT rule for vsftp --(PASSIVE FTP)
Hi all,
I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as
passive ftp.
the theroy behind passive ftp is ,
- FTP server's port 21 from anywhere ( Client initiates connection)
- FTP server's port 21 to ports > 1024 (Server responds to client's
control port)
- FTP server's ports > 1024 from anywhere (Client initiates data
connection to
2006 Sep 17
0
Weird DNAT + passive FTP bug
Hello,
I''m observing a weird bug with ip_nat_ftp in a somewhat more complicated
constellation. It''s possible that XEN is also involved in this, but I''m
not sure.
What I''m trying to do is have XEN guest domains on a host, connected via
a bridge into a private network. The the privileged domain attaches to
this private network and acts as a NAT router to connect
2008 Mar 30
7
FTP DNAT not working - "Server sent passive reply with unroutable address"
Hi all!
I am a long time lurker, but have not posted until now.
My old trusted firewall machine broke a couple of weeks ago and I replaced it
with a XEN domU that is using DNAT and has two interfaces. The firewall domU and
the FTP server domU are both guests on the same dom0. All three machines are
running Debian/etch (stable) and Shorewall has version 3.2.6.
I can''t get FTP to work
2005 Oct 26
1
vsftp passive mode / iptables issue
I've been struggling with my firewall and getting vsftp to work in
passive mode.
It seems that everything on this hosting server works just fine without
the eth0 entry in my iptables except for vsftp in passive. Am I opening
up too much by adding the eth0 line?
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT
2005 Nov 11
3
passive FTP trafic control
Hi All
How to classify packets belonging to a FTP session?
Port 21 session is easy. but what about data transfers? Their port numbers
(both) are above 1024.
I was thinking about ip_conntrack_ftp. Something like:
iptables -A FORWARD -p tcp --sport 1024: --dport 1024: \
-m state --state ESTABLISHED,RELATED -j CLASSIFY --set-class X:Y
But what if I also have ip_conntrack_irc, for instance.
2007 Mar 13
1
Which ftp is better? vsftp or wuftp or proftp
Hi,
I want to setup a ftp Server on CentOS 4.4. I will have to choose which ftp
is IDLE among 3 ftp pkgs that are vsftp,wuftp or proftp?
What do you recommend?
--
Thank you
Indunil Jayasooriya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20070313/453527c8/attachment.html>
2007 Feb 06
1
vsftp
I'm having an odd behavior with vsftp on all CentOS 4 servers... maybe 3
too, but I'm not on those much.
I am transferring in port mode as I've never managed to get passive to
work with a firewall running.
Anyway, this is what happens.
During normal transfers with few files.. it works perfectly.
During the transfer of like a large website with hundreds of files in
various
2007 Sep 09
1
Problem with VSFTP
I have a vsftp server hosted on custom dyndns site. We have a 4mb ADSL
connection. When I tried to download the files from the ftp server with wan
IP address or the dyndns address it downloads some files and disconnects.
Please find below an extract from the log file (ace ftp client). I would
appreciate if someone could guide me, possibly with a solution for this
problem.
Many thanks
2012 Sep 27
3
vsFTP and shorewall
Dear all,
Dear support and users:
Sorry to trouble you! I configure the shorewall firewall to forward ftp and ssh port to another server, but failed. Can you help me check?
I cannot login both SSH 2222 and ftp!
Below is my environment: (attachment is shorewall dump)
1. Gateway (FC6)
1.1) eth0: lan static IP: 192.168.1.20
1.2) eth1: external public static IP:
2007 Sep 22
3
vsftp question ?
Hi,
I want to setup vsftp on centos 4.5. 2 types of ftp. they are active and
pasive. What is the default type ftp type o CentOS ?
Is is PASIVE ftp?
in /etc/vsftpd/vsftpd.conf, I found below line. What should I do for below
line?
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
Should I COMMENT it out? I need a very secure ftp service.
YOUR
2005 Jan 03
1
Unable to do passive ftp after updating to 2.0.9
Hi,
I''m using the same set of firewall rules of 2.0.x
(sorry, I can''t remember the exact minor version) and
put it to work with 2.0.9. And now I can''t do passive
ftp (was working before).
I see that my NEWNOTSYN is set to Yes, and the
loc->net rule is blocking 1024:65535.
But I believe with the ip_conntrack_ftp, the passive
mode would be allowed, since
2007 Jan 08
3
How can I do traffic shapping for passive ftp ?
Hello
I''ve setuped a bridge with iptables + layer + ipp2p + tc
I don''t know how to shape passive ftp ?
If I put rules on port 20, 21 or using layer 7 iptables accounting
still empty ...
When I done a tcpdump I can see that othe port than 20 or 21 are used ...
Any Ideas of how I can achieve this ?
Regards
2004 Nov 21
0
script to shape outbound passive/active ftp traffic
Hi,
I just wanted to share my script with the list. I have been trying to
shape outbound passive and active ftp traffic without affecting inbound
and lan transfers. I have tried to do this for a long time and it seems
that I have finally figured it out.
Feel free to comment on the below script if there is anything that can
be improved. It seems to work flawlessly so far.
#!/bin/bash
2004 Jul 29
0
limiting outbound passive ftp
Hi,
I am trying to use the following script to limit my passive ftp traffic
to 35KBytes.
Problem is, it kill''s the entire connection on that computer. The
script is running on the same machine as the ftp server. I was hoping
to limit the ftp traffic, and only the ftp traffic, leaving the computer.
It seems to limit everything, i tried transfering a file with samba and
the whole
2004 Aug 05
1
marking passive ftp and shaping
I am trying to mark outbound passive ftp traffic with iptables and shape
it to 35KBytes. I am using the following script on the computer that
runs the ftp server.
It is not working correctly, it seems to limit ALL traffic. Cant file
share or anything.
Anyone might know what is wrong?
#!/bin/bash
#shaping passive ftp traffic
# mark the outbound passive ftp packets on ports 50000-51000
2017 Feb 15
1
vsftp problem C7
Hi list,
I've a problem with vsftpd on C7.3. This is a dedicated server protected
by a Zywall5. SELINUX is disabled.
This is my vsftpd configuration:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
2007 Jun 06
0
Controlling FTP in Passive Mode
I am trying to control traffic in my server and a doubt came over
me... My ftp server is set up in passive mode, so it will randomly
choose a port to transfer data (in my case ports 50000-50100)... Is there a
way of controlling this ftp traffic without marking packets?
Thanks!
Bye...
msn: fredi_bieging@hotmail.com
skype: fredibieging
A mathematician is a machine for converting coffee into
2004 Apr 07
2
SOLVED: passive FTP doesn''t work
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
Remember my thread that I can''t FTP into my server? It seems that (well, what
Tom has suggested) ip_conntrack_ftp and ip_nat_ftp weren''t loaded. I don''t
know why in that particular machine mdk9.2 doesn''t load them by default,
whereas in other machine they were loaded.
I have put them in /etc/modules, and